Subversion: Server Installation, Configuration on Windows

July 2, 2009 at 4:24 am (Release Managment, Version Control, Windows)
Tags: Apache2, Subversion, Subversion on Windows, SVN, Version Contorl, Windows

Subversion: Server Installation, Configuration on Windows

Index

1. Topics covered.

2. Prerequisites

3. Theory:

3.1 What is Subversion?.

4 Setup repository

4.1 Create base repository

4.2 Set access control to repository

5. Test repository by using ‘svnserve’ or ‘svnservice’

6. Configure Apache for Subversion access

6.1 Copy SVN modules and DLLs for Subversion to Apache2.2.

6.2 Create Self-Signed SSL Certificate.

6.3 Create Svnaccess file.

6.4 Configure Apache.

6.5 Configure Apache with SSL.

Step 7 Start services.

Step 8 Check repository on web page.

Appendix: A.. 13

References. 13

1. Topics covered

Installation Subversion on Windows ( x86 )
Installation of Apache on Windows (x86 )
Creating Repository under SVN
Configure Apache

2. Prerequisites

Software Package	Version	Install Dir
Subversion	svn-win32-1.4.6	C:\Program Files\Subversion
Apache2.0 ( with SSL )	apache_2.2.11-win32-x86-openssl-0.9.8i	C:\Program Files\Apache Software Foundation\Apache2.2
Apache Modules	mod_auth_sspi-1.0.4-2.2.2	C:\Program Files\Apache Software Foundation\Apache2.2\modules
SVN Service	svnservice-1.0.0	C:\Program Files\Subversion\bin
Tortoise SVN [ client ]	TortoiseSVN-1.4.7.11792-win32-svn-1.4.6	C:\Program Files\TortoiseSVN

3. Theory:

Version control is the art of managing changes to information.

3.1 What is Subversion?

Subversion is a free/open-source version control system. Subversion manages files and directories over time. A tree of files is placed into a central repository. The repository is much like an ordinary file server, except that it remembers every change ever made to your files and directories. This allows user to recover older versions of user data, or examine the history of how data changed.

4 Setup repository

4.1 Create base repository

Cd D:\SVNREPOS

svnadmin create test

Add trunk, branch, tag directory

e.g.

svn mkdir file:///<<repos_location>>//<repo_name>>/Trunk

svn mkdir file:///<<repos_location>>//<repo_name>>/Tag

svn mkdir file:///<<repos_location>>//<repo_name>>/Branch

svn mkdir file://D:\SVNREPOS/Test/branch -m “Creating branch directory”

svn mkdir file://D:\SVNREPOS/Test/Tag -m “Creating Tag directory”

svn mkdir file://D:\SVNREPOS/Test/Branch -m “Creating branch directory”

4.2 Set access control to repository

Go to repository dir ( e.g. D:\SVNREPOS\Test\conf )
Open the svnserve.conf file in a text editor, and uncomment the [general], anon-access = read, auth-access = write, and password-db = passwd lines. Save.

Open the authz file in a text editor, uncomment the [users] line, and add the username and password you want to use when connecting to your subversion server. Save.

5. Test repository by using ‘svnserve’ or ‘svnservice’

Open command prompt, go to Subversion\bin directory and execute below command svnserve –daemon –root “D:\SVNREPOS\TEST”

Or Alternatively

Install SVNservice onto windows machine and run as per screenshot

It will start SVNService on port 3690

Note: Port 3690 is standard IANA port for SVN Protocol.

6. Configure Apache for Subversion access

Install Apache2.2 and its modules to respective locations.

6.1 Copy SVN modules and DLLs for Subversion to Apache2.2

Copy D:\subversion\bin\mod_dav_svn.so
and D:\subversion\bin\mod_authz_svn.so to C:\Program Files\Apache Software Foundation\Apache2.2\modules\
Copy D:\subversion\bin\libdb44.dll
and D:\subversion\bin\intl3_svn.dll to C:\Program Files\Apache Software Foundation\Apache2.2\bin

6.2 Create Self-Signed SSL Certificate

Follow below commands

- Cd C:\Program Files\Apache Software Foundation\Apache2.2\bin
- openssl.exe req -config openssl.cnf -new -out <<server_Name>>.csr -keyout 3319.pem
- openssl.exe rsa -in 3319.pem -out <<server_Name>>.key
- openssl.exe x509 -in 3319.csr -out <<server_Name>>.crt -req -signkey <<server_Name>>.key -days 365

Now copy generated 3319.crt and 3319.key to C:\Program Files\Apache Software Foundation\Apache2.2\conf folder.

Note: This step is mandatory as SSPI module doesn’t work on http!

6.3 Create Svnaccess file

cd C:\Program Files\Apache Software Foundation\Apache2.2\conf\

—————————-File Content ————————————

[groups]

group1=<domain>\userid3,<domain>/userid2,<domain>/userid3

[/]

* = r

@group1=rw

6.4 Configure Apache

Cd C:\Program Files\Apache Software Foundation\Apache2.2\conf
Edit httpd.conf ( make changes according to server environment marked in Red below ).

ServerRoot “C:/Program Files/Apache Software Foundation/Apache2.2″

Listen 81

LoadModule actions_module modules/mod_actions.so

LoadModule alias_module modules/mod_alias.so

LoadModule asis_module modules/mod_asis.so

LoadModule auth_basic_module modules/mod_auth_basic.so

LoadModule authn_default_module modules/mod_authn_default.so

LoadModule authn_file_module modules/mod_authn_file.so

LoadModule authz_default_module modules/mod_authz_default.so

LoadModule authz_groupfile_module modules/mod_authz_groupfile.so

LoadModule authz_host_module modules/mod_authz_host.so

LoadModule authz_user_module modules/mod_authz_user.so

LoadModule autoindex_module modules/mod_autoindex.so

LoadModule cgi_module modules/mod_cgi.so

LoadModule dav_module modules/mod_dav.so

LoadModule dir_module modules/mod_dir.so

LoadModule env_module modules/mod_env.so

LoadModule include_module modules/mod_include.so

LoadModule isapi_module modules/mod_isapi.so

LoadModule log_config_module modules/mod_log_config.so

LoadModule mime_module modules/mod_mime.so

LoadModule negotiation_module modules/mod_negotiation.so

LoadModule setenvif_module modules/mod_setenvif.so

LoadModule ssl_module modules/mod_ssl.so

LoadModule sspi_auth_module modules/mod_auth_sspi.so

</IfModule>

LoadModule dav_svn_module modules/mod_dav_svn.so #Add this line

LoadModule authz_svn_module modules/mod_authz_svn.so #Add this line

User daemon

Group daemon

</IfModule>

ServerAdmin admin@fm.rbsgrp.net

DocumentRoot “C:/Program Files/Apache Software Foundation/Apache2.2/htdocs”

Options FollowSymLinks

AllowOverride None

Order deny,allow

Deny from all

</Directory>

Options Indexes FollowSymLinks

AllowOverride None

Order allow,deny

Allow from all

</Directory>

DirectoryIndex index.html

</IfModule>

Order allow,deny

Deny from all

Satisfy All

</FilesMatch>

ErrorLog “logs/error.log”

LogLevel warn

LogFormat “%h %l %u %t \”%r\” %>s %b \”%{Referer}i\” \”%{User-Agent}i\”" combined

LogFormat “%h %l %u %t \”%r\” %>s %b” common

LogFormat “%h %l %u %t \”%r\” %>s %b \”%{Referer}i\” \”%{User-Agent}i\” %I %O” combinedio

</IfModule>

CustomLog “logs/access.log” common

</IfModule>

ScriptAlias /cgi-bin/ “C:/Program Files/Apache Software Foundation/Apache2.2/cgi-bin/”

</IfModule>

</IfModule>

AllowOverride None

Options None

Order allow,deny

Allow from all

</Directory>

DefaultType text/plain

TypesConfig conf/mime.types

AddType application/x-compress .Z

AddType application/x-gzip .gz .tgz

</IfModule>

Include conf/extra/httpd-ssl.conf

SSLRandomSeed startup builtin

SSLRandomSeed connect builtin

</IfModule>

6.5 Configure Apache with SSL

Now Edit file httpd-ssl.conf under C:/Program Files/Apache Software Foundation/Apache2.2/conf/extra (and enable SSL access by changing blue lines below).

Listen 443

AddType application/x-x509-ca-cert .crt

AddType application/x-pkcs7-crl .crl

SSLPassPhraseDialog builtin

SSLSessionCache “shmcb:C:/Program Files/Apache Software Foundation/Apache2.2/logs/ssl_scache(512000)”

SSLSessionCacheTimeout 300

SSLMutex default

DocumentRoot “C:/Program Files/Apache Software Foundation/Apache2.2/htdocs”

ServerName lonms03319.fm.rbsgrp.net:443

ServerAdmin admin@fm.rbsgrp.net

ErrorLog “C:/Program Files/Apache Software Foundation/Apache2.2/logs/error.log”

TransferLog “C:/Program Files/Apache Software Foundation/Apache2.2/logs/access.log”

SSLEngine on

SSLCipherSuite ALL:!ADH:!EXPORT56:RC4+RSA:+HIGH:+MEDIUM:+LOW:+SSLv2:+EXP:+eNULL

SSLCertificateFile “C:/Program Files/Apache Software Foundation/Apache2.2/conf/3319.crt”

SSLCertificateKeyFile “C:/Program Files/Apache Software Foundation/Apache2.2/conf/3319.key”

SSLOptions +StdEnvVars

</FilesMatch>

SSLOptions +StdEnvVars

</Directory>

BrowserMatch “.*MSIE.*” \

nokeepalive ssl-unclean-shutdown \

downgrade-1.0 force-response-1.0

CustomLog “C:/Program Files/Apache Software Foundation/Apache2.2/logs/ssl_request.log” \

“%t %h %{SSL_PROTOCOL}x %{SSL_CIPHER}x \”%r\” %b”

DocumentRoot “C:/Program Files/Apache Software Foundation/Apache2.2/htdocs”

ServerName <<server_name>:443

ServerAdmin admin@fm.rbsgrp.net

ErrorLog “logs/https_error.log”

CustomLog “logs/https_access.log” common

DAV svn

#SVNPath d:/SVNREPOS

SVNListParentPath on

SVNParentPath d:/SVNREPOS

AuthzSVNAccessFile conf/svnaccess.conf # newly created file

AuthType SSPI

AuthName “Subversion Repository”

SSPIAuth On

SSPIAuthoritative On

SSPIDomain <<domain_name>> #Add domain here

SSPIUsernameCase lower

SSPIPerRequestAuth on

SSPIOfferBasic On

SSPIOmitDomain Off

SSPIBasicPreferred On

Require valid-user

</Location>

</IfModule>

</VirtualHost>

7 Start services

Restart Apache and Subversion windows services and check for error ( if any ) in logs in case of failure.

8 Check repository on web page

Open browser and access repository e.g. https://<<server>>/<repo_location>/

Accept the security alert as this is a self signed certificate browser should confirm

Repository should ask login credential, supply user credential as per configuration. e.g. <<domain>>\<<username>>

On successful login you should see repository page like this

Appendix: A

References

http://sourceforge.net/projects/mod-auth-sspi

http://www.neilstuff.com/apache/apache2-ssl-windows.htm

http://tud.at/programm/apache-ssl-win32-howto.php3

http://svnbook.red-bean.com

http://www.subversionary.org/sspidomainauth

Appencix B: Attachments ( for Reference )

/livemeshfolders/BlogUplaod/POC/Apache2.zip

/livemeshfolders/BlogUplaod/POC/_setup.zip

Planetfloss's Blog